On Wed, Sep 20, 2017 at 6:55 PM, Harald Welte <lafo...@gnumonks.org> wrote: > Hi Tom, > > On Wed, Sep 20, 2017 at 11:09:29AM -0700, Tom Herbert wrote: >> On Mon, Sep 18, 2017 at 9:24 PM, David Miller <da...@davemloft.net> wrote: >> > From: Tom Herbert <t...@quantonium.net> >> >> Add configuration to control use of zero checksums on transmit for both >> >> IPv4 and IPv6, and control over accepting zero IPv6 checksums on >> >> receive. >> > >> > I thought we were trying to move away from this special case of allowing >> > zero UDP checksums with tunnels, especially for ipv6. >> >> I don't have a strong preference either way. I like consistency with >> VXLAN and foo/UDP, but I guess it's not required. Interestingly, since >> GTP only carries IP, IPv6 zero checksums are actually safer here than >> VXLAN or GRE/UDP. > > Just for the record: I don't care either way and I defer to the kernel > networking developers to decide if they want to have zero UDP checksum > in GTP or not. > > The 3GPP specs don't say anything about UDP checksums. So there's no > requirement to use them, and hence operation without UDP checksums > should be compliant. Cisco GTP implementation has udp checksumming > configurable, so other implementations also seem to provide both ways. > > In general, I would argue one wants UDP checksumming of GTP in all > setups, as while the inner IP packet might be protected, the GTP header > itself is not, and that's what contains important data suhc as the TEID > (Tunnel Endpoint ID). But that's of course just my personal opinion, > and I'm not saying we should prevent people from using lower protection > if that's what they want. > The tradeoffs and requirements of zero UDP6 checksums are discussed at length in RFC6935 and RFC6936. Given other implementations make it configurable it should also be here.
Tom > -- > - Harald Welte <lafo...@gnumonks.org> http://laforge.gnumonks.org/ > ============================================================================ > "Privacy in residential applications is a desirable marketing option." > (ETSI EN 300 175-7 Ch. A6)
